Pornography: An Ounce of Prevention is worth a PR Pounding of Cure. (Part 2 of 2)

Computerworld Canada - March 27, 1998. I am in the business so I hear all the good stories the most recent is a Toronto Law firm that fired on of its staff members for downloading, viewing and distributing Internet pornography. Lawyer jokes aside this is a serious matter. In the first part of this series I dealt with the facts that employees are looking at pornography in the workplace. Today in your company someone is probably looking at pornography using Internet access. The facts are not disputable. The available material is worse than you might ever imagine and in most cases you will only find out when there is a serious problem. Okay, so now you have caught an employee. Now you have to manage the situation. Most companies don't know what to do in these cases so a strong warning is issued. Sometimes, depending on the content and its severity employees are fired. Now what's next? It usually takes this rude wake up call for most businesses to devise and implement a strategy around Internet access. After trying to put out the fires and keeping a lid on potential PR nightmare there are some very effect step firms can take. I am suggesting that in these cases it is always better to learn from the mistakes of other companies. Incidences are rarely, if ever reported so you will have to take my word that this is happening more often than you think. There are four major steps in preventing employees from accessing pornographic material at their workstations. I have worked with organization to help them prevent access of "undesirable" material and the best results happen when the project is done in sequence. To ignore any of the steps invites legal, Human Resource, and Public Relations problems, not to mention continued potential access to pornographic material. Remember depending on the material it may not only be a matter of employees wasting company time. Companies may be legally liable depending on the type of material in question and their demonstrated efforts in preventing access to it. Step One 1-Re-examining who really needs the Net. Many firms provide blanket Web access to all of their employees without examining who really needs Web access. Some companies, out of fear do not allow their employees any access. These two extremes usually exhibit poor planning. Simply examining who in the organization needs the Web for their jobs and who doesn't is the right first step. Step 2-Updating Company Policies Most company policies regarding use of the Internet is outdated. It is imperative that company policies reflect the new realities of the Internet and spell out what is and is not appropriate and professional behaviour. Step 3-Installing Filtering Software Filtering software systems will virtually guarantee that employees do not access undesirable sites of any kind. These sites can be extended beyond pornography and hate literature to include sports and leisure sites. More elegant solutions would allow access to certain site to either individuals or departments. This would ensure that employees in the shipping department have access to the corporate Intranet, the UPS, FedEx and Puralator, and address directory sites and nothing else. Marketing on the other hand may have full and open access. Paramount to filtering systems is constantly updated lists of new Web sites, newsgroups and other new offensive material. Step 4-Communicating and Changes Once these changes are in place organization must communicate these changes to employees. This is best accomplished via a senior corporate representative through a company wide memo or e-mail. The whole process can take as little as one month if IS managers are on board. Like many projects this one requires an internal champion or leader to drive the process. Once implemented there is very little maintenance involved. Safe surfing is no accident.